Browser anonymization functions compared

Firefox

Firefox [3] has enjoyed years of growing popularity. The browser by the Mozilla project is one of the most used browsers. In our lab, I used version 21. Firefox clears the browsing history, cookies, cache, active logins, all search terms entered, and form data, as well as the off-site data (files stored by a website) and site settings (exceptions saved by the user) with one click.

Users cannot not delete or view web storage – at least not manually. However, instructing Firefox to eliminate all data on closing also includes the web storage contents. Speaking of which, web storage usually is available to web applications, and Firefox users do not even know which sites have stored data.

By default, Firefox accepts cookies from all sites, but on request, only from the original page, or not at all. Alternatively, the browser can, before accepting a cookie, ask what to do with it; users can also define rules for individual sites. In the well-hidden cookie management, users can then view and delete cookies, either individually, or in bunches for a domain.

The Mozilla browser loads all images and also executes JavaScript. However, it autonomously blocks pop-ups. In Preferences, users can customize this behavior and set up exceptions. Additionally, the Tools | Page Info dialog supports fine-tuning (Figure 4). Here, users can keep the opened page from loading images, opening pop-ups, saving cookies, and installing themes.

The dialog also manages geolocation queries, access to offline storage (but not web storage), and switching to full screen mode. Access to the geolocation API is only possible through this dialog, a general setup is not available.

Scouted

While you type a keyword into the search box on the right, Firefox contacts the selected search engine and looks for suggestions. The browser natively includes various search engines depending on your distro, but you can add more engines with a mouse click. The settings for the engine, however, only apply to the search field. If you type your a term in the address bar, Firefox always uses the distro's default search engine.

In the preferences, users can prohibit the integration of web fonts. In the Privacy tab, the configuration dialog lets you specify if and when the browser sends do-not-track messages, when and how it generates a history, whether it remembers forms you completed and search keys you typed, and whether it saves cookies (Figure 5). Firefox users also can choose to surf in private browsing mode at all times. In this mode, the browser does not store a history, does not save form entries, and discards the associated cookies and web storage data when you close the private window.

On request, Firefox will synchronize your settings, bookmarks, and private data with other browser instances via the Mozilla cloud. Unlike Chrome, you need to switch this feature on explicitly, and you can set up your own servers as data stores [14]. Mozilla turns out to be a data collector elsewhere: If the user does not expressly disable this, Firefox wires crash and status reports to the manufacturer that include statistics on the total running time and the number of installed add-ons.

Firefox can also send telemetry data to Mozilla, such as information about the processor, memory, and IP address. Fortunately, this feature is disabled by default. The browser also points out its acquisitiveness when first launched, and at the same time offers to remedy the settings.

Firefox warns against access to sites with phishing or malware and orients its warnings on the Mozilla blacklist. Unlike Epiphany, it is not possible to add to the list or add your own list. Anonymizing add-ons are available a dime a dozen – no other browser has so many extensions.

Konqueror

The KDE Software Collection includes the Konqueror web browser [4]; version 4.10 was on our lab machine. In the Tools menu, users can quickly disable JavaScript, Java, saving cookies, and loading images. Also, extensions – known as modules in Konqueror – can be switched on and off, and you can change the browser ID quickly if needed.

Other browsers need add-ons to do this, if they can do it at all, but Konqueror has this ability natively and can report a false name either to all sites or just the currently accessed site. In the settings, users can even switch off the ID completely or not define their own (Figure 6).

Figure 6: Konqueror offers to change the browser ID. In this dialog, you can also enable the feature specifically for individual sites or entire domains.

The Tools menu also lets users set up a proxy and disable the browser cache. The individual functions can only be switched on or off here. To fine-tune, you need to change to the program settings. One exception is the cache for which three options are available in Tools | HTML Settings | Cache Policy: the Keep cache in Sync, Use Cache if Possible, and Offline Browsing Mode options.

Konqueror optionally displays Bookmarks, History, and other items in a sidebar on the left side of the screen. Right-clicking lets users remove individual items or the entire history. In the browser settings, you can determine how many addresses to store in the history and the number of days to keep entries. For each URL, the KDE program remembers by default how often it is visited and the first and last dates it was visited. Users can prevent this behavior in the settings.